我正在使用VbScript来检索Win32_Service的securitydescriptor。我使用以下代码:
SE_DACL_PRESENT = &h4
ACCESS_ALLOWED_ACE_TYPE = &h0
ACCESS_DENIED_ACE_TYPE = &h1
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate, (Security)}!\\" & strComputer & "\root\cimv2")
Set colInstalledPrinters = objWMIService.ExecQuery _
("Select * from Win32_Service")
For Each objPrinter in colInstalledPrinters
Wscript.Echo "Name: " & objPrinter.Name
' Get security descriptor for printer
Return = objPrinter.GetSecurityDescriptor( objSD )
If ( return <> 0 ) Then
WScript.Echo "Could not get security descriptor: " & Return
wscript.Quit Return
End If
' Extract the security descriptor flags
intControlFlags = objSD.ControlFlags
If intControlFlags AND SE_DACL_PRESENT Then
' Get the ACE entries from security descriptor
colACEs = objSD.DACL
For Each objACE in colACEs
' Get all the trustees and determine which have access to printer
WScript.Echo objACE.Trustee.Domain & "\" & objACE.Trustee.Name
If objACE.AceType = ACCESS_ALLOWED_ACE_TYPE Then
WScript.Echo vbTab & "User has access to printer"
ElseIf objACE.AceType = ACCESS_DENIED_ACE_TYPE Then
WScript.Echo vbTab & "User does not have access to the printer"
End If
Next
Else
WScript.Echo "No DACL found in security descriptor"
End If
Next
但是,每次我运行它时都会收到消息,说明生成的代码是-2147023582,而不是定义的错误代码 the manual
有人有任何想法吗?我使用的是Windows 7专业版64位。
该数字是-2147023582。它可能是某种64位问题吗?这看起来像无符号整数存储为有符号整数吗?
(PS:不介意变量名......我从msdn中删除了一个例子)。
答案 0 :(得分:3)
错误代码-2147023582(0x80070522)表示“客户端未持有所需的权限”。最有可能的是,WMI名字对象中的Security权限是不够的,您需要以管理员身份运行脚本。 (至少,当您以管理员身份运行时,您的脚本在64位Vista上运行正常。)